dovecot-example.conf revision 65497fd5c3efa66319a1486addb272413403653a
## Dovecot 1.0 configuration file
# Default values are shown after each value, it's not required to uncomment
# any of the lines. Exception to this are paths, they're just examples
# with real defaults being based on configure options. The paths listed here
# are for configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
# Port to listen in for IMAP connections. This port is used for TLS
# connections as well. Setting it to 0 disables it.
#imap_port = 143
# Port to listen in for SSL IMAP connections. Setting it to 0 disables it.
#imaps_port = 993
# IP or host address where to listen in for IMAP connections. It's not
# possible to specify multiple addresses. "*" listens in all IPv4 interfaces.
# "::" listens in all IPv6 interfaces, but may also listen in all IPv4
# interfaces depending on the operating system.
#imap_listen = *
# IP or host address where to listen in for SSL IMAP connections. Defaults
# to imap_listen if not specified.
#imaps_listen =
# Disable SSL support.
#ssl_disable = no
# dropping root privileges, so keep the key file unreadable by anyone but
# certificate, just make sure to update the domains in dovecot-openssl.cnf
# SSL parameter file. Master process generates this file for login processes.
# It contains Diffie Hellman and RSA parameters.
#ssl_parameters_file = /var/run/dovecot/ssl-parameters.dat
# How often to regenerate the SSL parameters file. Generation is quite CPU
# intensive operation. The value is in hours, 0 disables regeneration
# entirely.
#ssl_parameters_regenerate = 24
# Disable LOGIN command and all other plaintext authentications unless
#disable_plaintext_auth = no
# Use this logfile instead of syslog()
#log_path =
# For informational messages, use this logfile instead of the default
#info_log_path =
# Prefix for each line written to log file. % codes are in strftime(3)
# format. Note the extra space at the end of line.
#log_timestamp = %b %d %H:%M:%S
##
## Login process
##
# Executable location
#login_executable = /usr/libexec/dovecot/imap-login
# User to use for imap-login process
#login_user = imapd
# Set max. process size in megabytes. If you don't use
# login_process_per_connection you might need to grow this.
#login_process_size = 16
# Directory where imap-auth places authentication UNIX sockets which login
# needs to be able to connect to. The sockets are created when running as
# root, so you don't need to give imap-auth any access for it.
# chroot imap-login process to the login_dir. Only reason not to do this
# is if you wish to run the whole imapd without roots.
#login_chroot = yes
# Should each login be processed in it's own process (yes), or should one
# login process be allowed to process multiple connections (no)? Yes is more
# to create processes all the time.
#login_process_per_connection = yes
# Number of imap-login processes to create. If login_process_per_user is
# yes, this is the number of extra processes waiting for users to log in.
#login_processes_count = 3
# Maximum number of extra login processes to create. The extra process count
# usually stays at login_processes_count, but when multiple users start logging
# in at the same time more extra processes are created. To prevent fork-bombing
# we check only once in a second if new processes should be created - if all
# of them are used at the time, we double their amount until limit set by this
# setting is reached. This setting is used only if login_process_per_use is yes.
#login_max_processes_count = 128
# Maximum number of connections allowed in login state. When this limit is
# reached, the oldest connections are dropped. If login_process_per_user
# is no, this is a per-process value, so the absolute maximum number of users
# logging in actually login_processes_count * max_logging_users.
#max_logging_users = 256
##
## IMAP process
##
# Executable location
# Set max. process size in megabytes. Most of the memory goes to mmap()ing
# files, so it shouldn't harm much even if this limit is set pretty high.
#imap_process_size = 256
# Maximum number of running imap processes. When this limit is reached,
# new users aren't allowed to log in.
#max_imap_processes = 1024
# Show more verbose process titles (in ps). Currently shows user name and
# IP address. Useful for seeing who are actually using the IMAP processes
# (eg. shared mailboxes or if same uid is used for multiple accounts).
#verbose_proctitle = no
# Note that denying root logins is hardcoded to imap-master binary and
# can't be done even if first_valid_uid is set to 0.
#first_valid_uid = 500
#last_valid_uid = 0
#first_valid_gid = 1
#last_valid_gid = 0
# ':' separated list of directories under which chrooting is allowed for imap
# WARNING: Never add directories here which local users can modify, that
# may lead to root exploit. Usually this should be done only if you don't
# allow shell access for users.
#valid_chroot_dirs =
# Default MAIL environment to use when it's not set. By leaving this empty
# dovecot tries to do some automatic detection as described in
# doc/mail-storages.txt. $U will be replaced with username. Some examples:
#default_mail_env =
# Space-separated list of fields to cache for all mails. Currently these
# fields are allowed followed by a list of commands they speed up:
#
# Envelope - FETCH ENVELOPE and SEARCH FROM, TO, CC, BCC, SUBJECT,
# SENTBEFORE, SENTON, SENTSINCE, HEADER MESSAGE-ID,
# HEADER IN-REPLY-TO
# Body - FETCH BODY
# Bodystructure - FETCH BODY, BODYSTRUCTURE
# MessagePart - FETCH BODY[1.2.3] (ie. body parts), RFC822.SIZE,
# SEARCH SMALLER, LARGER, also speeds up BODY/BODYSTRUCTURE
# generation. This is always set with mbox mailboxes, and
# also default with Maildir.
#
# Different IMAP clients work in different ways, that's why Dovecot by default
# only caches MessagePart which speeds up most operations. Whenever client
# does something where caching could be used, the field is automatically marked
# to be cached later. For example after FETCH BODY the BODY will be cached
# for all new messages. Normally you should leave this alone, unless you know
# what most of your IMAP clients are. Caching more fields than needed makes
# the index files larger and generate useless I/O.
#
# With maildir there's one extra optimization - if nothing is cached, indexing
# the maildir becomes much faster since it's not opening any of the mail files.
# This could be useful if your IMAP clients access only new mails.
#mail_cache_fields = MessagePart
# Dovecot can notify client of new mail in selected mailbox soon after it's
# received. This setting specifies the minimum interval in seconds between
# new mail notifications to client - internally they may be checked more or
# less often. Setting this to 0 disables the checking.
# NOTE: Evolution client breaks with this option when it's trying to APPEND.
#mailbox_check_interval = 0
# Space-separated list of fields that Dovecot should never set to be cached.
# Useful if you want to save disk space at the cost of more I/O when the fields
# needed.
#mail_never_cache_fields =
# Save mails with CR+LF instead of plain LF. This makes sending those mails
# take less CPU, especially with sendfile() syscall with Linux and FreeBSD.
# But it also creates a bit more disk I/O which may just make it slower.
#mail_save_crlf = no
# Use mmap() instead of read() to read mail files. read() seems to be a bit
#mail_read_mmaped = no
# Copy mail to another folders using hard links. This is much faster than
# actually copying the file. Only problem with it is that if either of the
# mails are modified directly both will change. This isn't a problem with
# IMAP however since it offers no way to modify the existing mails. Also
# at least mutt modifies mails by deleting the old one and inserting a new
# modified mail. So if performance matters at all you should turn this on.
#maildir_copy_with_hardlinks = no
# Check if mails' content has been changed by external programs. This slows
# down things as extra stat() needs to be called for each file.
#maildir_check_content_changes = no
# Which locking methods to use for locking mbox. All of them are used by
# default. flock is ignored in systems which don't have it. Note that the
# order of fcntl and flock are important to prevent deadlocks if they're both
# also used by other programs accessing the mailbox. Dotlock file is always
# created first.
#mbox_locks = dotlock fcntl flock
# Should we create dotlock file even when we want only a read-lock? Setting
# this to yes hurts the performance when the mailbox is accessed simultaneously
# by multiple processes, but it's needed for reliable reading if no other
# locking methods are available.
#mbox_read_dotlock = no
# Maximum time in seconds to wait for lock (all of them) before aborting.
#mbox_lock_timeout = 300
# If dotlock exists but the mailbox isn't modified in any way, override the
# lock file after this many seconds.
#mbox_dotlock_change_timeout = 30
# If main index file is incompatible with us, should we overwrite it or
# create a new index with another name. Unless you are running Dovecot in
# multiple computers with different architectures accessing the same
# mailboxes (eg. via NFS), it's safe to set this "yes".
#overwrite_incompatible_index = no
# umask to use for mail files and directories
#umask = 0077
##
## Authentication processes
##
# You can have multiple processes; each time "auth = xx" is seen, a new
# process definition is started. The point of multiple processes is to be
# authentication requires roots, but if you also use digest-md5 authentication
# for some users, you can authenticate them without any privileges in a
# separate auth process. Just remember that only one auth process is asked
# for the password, so you can't have different passwords with different
# processes (unless they have different auth methods, and you're ok with
# having different password for each method).
# Authentication process name.
# Authentication methods this process allows separated with a space.
# Currently supported: plain digest-md5
# Space separated list of realms with authentication methods that need them.
# This is usually empty or the host name of the server (eg.
# - plain auth checks the password from all realms specified in here
# - digest-md5 must have the password added for each realm separately, and
# many clients simply use the first realm listed here. so if you really
# need to add more realms, add them to end of the list.
#auth_realms =
# Where the user information and passwords are stored into:
# pam: PAM authentication
# passwd-file /etc/passwd.imap: /etc/passwd-like file. Supports digest-md5
# style passwords
# vpopmail: vpopmail authentication
# Executable location
# Set max. process size in megabytes.
#auth_process_size = 256
# User to use for the process. Only shadow and pam authentication requires
# roots, so use something else if possible.
# Directory where to chroot the process. Most authentication backends don't
# work if this is set, and there's no point chrooting if auth_user is root.
#auth_chroot =
# Number of authentication processes to create
#auth_count = 1
# digest-md5 authentication process. It requires special MD5 passwords which
# Note that the passwd-file is opened before chrooting and dropping root
# privileges, so it may be 0600-root owned file.
#auth = digest_md5
#auth_methods = digest-md5
#auth_realms =
#auth_userinfo = passwd-file /etc/passwd.imap
#auth_user = imapauth
# if you plan to use only passwd-file, you don't need the two auth processes,
# simply set "auth_methods = plain digest-md5"